Checking my incoming links, I saw some rather naughty words people were using to find my blog. Given that it’s a science blog, and family friendly, I was suspicious!
I’ve been hacked. Someone inserted code into many of my pages (not sure how many yet) with links to dirty sites. Here’s the code:
<div style='position:absolute; top:-5000px; left:-3000px'> <a href=www.unc.edu/~zito/worklog/?p=5>.</a><a href=www.unc.edu/~zito/worklog/?p=4>.</a> <a href=http://powergolflink.com/TimeLeft3/Tmp/nude-teens-free.html>.</a><a href=http://powergolflink.com/TimeLeft3/Tmp/nonude-teens.html>.</a><a h </div>
I have deleted many many links from that list (there were maybe 40), since you get the idea.
I don’t know when this happened; I just upgraded to 2.0.x a week ago, so it may have been before that.
Is there some way to know when this may have been inserted into my content (note the offsets in the first line; the bad stuff doesn’t display, so someone may have been going for pagerank here).
Also, is there some way to bulk delete it from my database? Going through dozens of posts will be a pain.
- The topic ‘I’ve been hacked– some way to tell when?’ is closed to new replies.